package com.khotyn.heresy.controller;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.ModelMap;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.servlet.ModelAndView;

import com.khotyn.heresy.bean.Admin;
import com.khotyn.heresy.bean.HeresyErrorMessage;
import com.khotyn.heresy.bean.UserDetail;
import com.khotyn.heresy.dao.AdminDAO;
import com.khotyn.heresy.dao.UserDAO;

/**
 * 超级管理员创建子管理员
 * 
 * @author 赵洁琼
 * 
 */
@Controller
public class CreateAdminController {
	@Autowired
	private UserDAO userDAO;

	@Autowired
	private AdminDAO adminDAO;

	/**
	 * 初始化创建子管理员页面
	 */
	@RequestMapping(value = "/createAdmin.html", method = RequestMethod.GET)
	public ModelAndView setupCreateAdminForm(ModelMap model, HttpSession session) {
		HeresyErrorMessage message = null;

		Integer adminID = (Integer) session.getAttribute("adminID");

		if (adminID == null) {
			message = new HeresyErrorMessage("您尚未登录，请先登录", "请登录", "adminLogin.html");
			return new ModelAndView("message", "message", message);
		}

		Admin admin = new Admin();
		admin.setAdminID(adminID);

		if (!adminDAO.selectAdminByID(admin).getAdminSuper().equals("yes")) {
			message = new HeresyErrorMessage("您不是超级管理员，请先以超级管理员身份登录", "请登录",
					"adminLogin.html");
			return new ModelAndView("message", "message", message);
		}

		UserDetail user = new UserDetail();
		model.addAttribute("user", user);
		return new ModelAndView("createAdmin");
	}

	/**
	 * 初始化管理员查找用户界面
	 * 
	 * @param model
	 * @return
	 */
	@RequestMapping(value = "/adminSearch.html", method = RequestMethod.GET)
	public ModelAndView setupAdminSearchForm(ModelMap model, HttpSession session) {
		UserDetail user = new UserDetail();
		model.addAttribute("user", user);
		return new ModelAndView("adminSearch");
	}

	/**
	 * 管理员搜索通过eamil搜索用户
	 * 
	 * @param searchContent
	 *            搜索的email
	 * @param searchType
	 *            搜索的类型（只有email）
	 * @return 返回的视图
	 */
	@RequestMapping(value = "/adminSearch.html", method = RequestMethod.POST)
	public ModelAndView adminSearch(
			@RequestParam(value = "searchContent", required = true) String searchContent,
			@RequestParam(value = "searchType", required = true) String searchType,
			HttpSession session) {

		UserDetail user = new UserDetail();
		if ("email".equals(searchType)) {
			user = userDAO.selectUserByEmail(searchContent);

			// 修正user为null的错误,黄挺,2009.5.16
			if (user != null) {
				session.setAttribute("subAdminID", user.getUserID());
			}
		}
		return new ModelAndView("createAdmin", "user", user);
	}

	@RequestMapping(value = "/subAdministrator.html", method = RequestMethod.POST)
	public String createAdminForm(
			HttpServletRequest request,
			HttpSession session,
			@RequestParam(value = "permission", required = false) String permission) {
		if (permission == null) {
			return "redirect:/adminSearch.html";
		}

		if ("yes".equalsIgnoreCase(permission)) {
			UserDetail user = new UserDetail();
			int userID = (Integer) session.getAttribute("subAdminID");
			user = userDAO.selectUserByUserId(userID);

			Admin admin = new Admin();

			if (user.getUserName() != null)
				admin.setAdminName(user.getUserName());
			else
				admin.setAdminName("admin");

			admin.setAdminEmail(user.getEmail());
			admin.setAdminPassword(user.getPassword());
			admin.setAdminPermission("yes");
			admin.setAdminSuper("no");
			if (adminDAO.selectAdminByEmailAndPassword(admin) == null) {
				adminDAO.insertAdmin(admin);
			} else {
			}
		} else {

		}
		return "adminSearch";
	}

}
